Change the SSL Certificate of the vSphere Replication Appliance

<

|

You can change the initial vSphere Replication SSL certificate by generating a new self-signed certificate or uploading an SSL certificate signed by a trusted Certificate Authority.

About this task

vSphere Replication generates a standard SSL certificate when the appliance first boots and registers with vCenter Server. The vSphere Replication self-signed certificate expires after 360 days from the first boot of the appliance. The default certificate policy uses trust by thumbprint.

Prerequisites

Verify that you have administrator privileges to configure the vSphere Replication appliance.

Procedure

Use a supported browser to log in to the vSphere Replication VAMI.

The URL for the VAMI is https://vr-appliance-address:5480.

Type the root user name and password for the appliance.

You configured the root password during the OVF deployment of the vSphere Replication appliance.

(Optional) Click the VR tab and click Security to review the current SSL certificate.

Click Configuration.

(Optional) To enforce verification of certificate validity, select the Accept only SSL certificates signed by a trusted Certificate Authority check box.

Generate or install a new SSL certificate.

Option

Action

Generate a self-signed certificate

Click Generate and Install. Using a self-signed certificate provides trust by thumbprint only and might not be suitable for environments that require high levels of security. You cannot use a self-signed certificate if you selected Accept only SSL certificates signed by a trusted Certificate Authority.

Results

You changed the SSL certificate and optionally changed the security policy to use trust by validity and certificates signed by a certificate authority.

Note:

If you change a certificate on one of the source or target sites, the connection status to this site changes to Connection issue. In the vSphere Web Client, you can check the list of target sites under vSphere Replication on the Manage tab, and reconnect the sites.